<?php
require_once('../../includes/initialize.php');

if($session->is_logged_in())
{
    if(isset($_GET['logout']))
    {
        $session->logout();
    }
    redirect_to("index.php");
}

//remember to give your forms submit button a name='submit' attribute to see if it was submitted
if(isset($_POST['submit']))//form has been submitted
{
    $username = trim($_POST['username']);
    $password= trim($_POST['password']);    
    $found_user=User::authenticate($username, $password);

    //check database to see if username/password exists
    if($found_user)
    {
        $session->login($found_user);
        log_action("login", $found_user->username." logged in" );
        redirect_to("index.php");
    }
    else
    {
        //username/pass combo were not found 
        $message= "The Username/Password combination is incorrect";
    }
}
else//form not yet submitted
{
    $username = "";
    $password = "";
    $message =""; //var_dump($_POST); take off for debugging;
}
?>

<?php include_layout_template("admin_header.php");?>

    <h2>Login</h2>
    <?php echo(output_message($message));?>

    <form action="login.php" method="POST">
        <table>
            <tr>
                <td>Username: </td>
                <td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username) ?>"/></td>
            </tr>
            <tr>
                <td>Password: </td>
                <td><input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password) ?>"/></td>
            </tr>
            </tr>
            <tr>
                <td></td>
                <td><input type="submit" name="submit" value="login" /> </td>
            </tr>
        </table>
    </form>
    
<?php include_layout_template("admin_footer.php");?>
    
    
